mailcow-dockerized
mailcow-dockerized copied to clipboard
Adding dependabot config (for Dockerfiles)
Adding config for Dependabot keeping track of new versions.
Seems the config is wrong, I fixed it by testing to
version: 2
updates:
- package-ecosystem: docker
directory: "/data/Dockerfiles"
schedule:
interval: daily
time: "04:00"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
Also then getting this error
Dependabot couldn't find a Dockerfile
Dependabot couldn't find a Dockerfile.
Dependabot requires a Dockerfile to evaluate your Docker dependencies. It had expected to find one at the path: /data/Dockerfiles/Dockerfile.
If this isn't a Docker project, you may wish to disable updates for it in the .github/dependabot.yml config file in this repo.
Seems dependabot cant into recursive folder search what I saw after googling for some secs https://github.com/dependabot/feedback/issues/145
I would use a config like this:
version: 2
updates:
# acme
- package-ecosystem: docker
directory: "/data/Dockerfiles/acme"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# clamd
- package-ecosystem: docker
directory: "/data/Dockerfiles/clamd"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# dockerapi
- package-ecosystem: docker
directory: "/data/Dockerfiles/dockerapi"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# dovecot
- package-ecosystem: docker
directory: "/data/Dockerfiles/dovecot"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# netfilter
- package-ecosystem: docker
directory: "/data/Dockerfiles/netfilter"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# olefy
- package-ecosystem: docker
directory: "/data/Dockerfiles/olefy"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# phpfpm
- package-ecosystem: docker
directory: "/data/Dockerfiles/phpfpm"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# postfix
- package-ecosystem: docker
directory: "/data/Dockerfiles/postfix"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# rspamd
- package-ecosystem: docker
directory: "/data/Dockerfiles/rspamd"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# sogo
- package-ecosystem: docker
directory: "/data/Dockerfiles/sogo"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# solr
- package-ecosystem: docker
directory: "/data/Dockerfiles/solr"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# unbound
- package-ecosystem: docker
directory: "/data/Dockerfiles/unbound"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
# watchdog
- package-ecosystem: docker
directory: "/data/Dockerfiles/watchdog"
schedule:
interval: daily
time: "04:00"
timezone: "Europe/Berlin"
target-branch: "staging"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
# reviewers:
# - "andryyy"
Also we can also add something like this
commit-message:
# Prefix all commit messages with "[Dockerfile]"
prefix: "[Dockerfile]"
See my test here which I did in some mins: https://github.com/MAGICCC/mailcow-dockerized/pulls/app%2Fdependabot
I wonder if it can also upgrade to a newer major release for e.g. debian? buster -> bullseye
I wonder if it can also upgrade to a newer major release for e.g. debian? buster -> bullseye
nope, https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#about-dependabot-version-updates states that it uses semver, which does not support this.
@MAGICCC you are totally true ... I forgot about that dependabot doesn't work recursive. Do you wonna start a new PR or should I fix up mine?
I would like to wait for @andryyy answer. I like the idea, but we need to implent tests (maybe github actions?) if everything is building right etc.
Branch not deleted, sorry for that.
Closed, as we've introduced Renovate for that Job recently.
Sorry :(